Cybersecurity Threat Analyst
Ford
Our goal is to protect information assets, identify security risks, and leverage and share industry best practices. The Insider Threat Program is responsible for detecting, analyzing, mitigating, and responding to insider threats. This is a highly visible and collaborative position working with cross-functional senior leadership and internal teams.
Required Skills:
- At least 2 years of direct experience in cybersecurity operations, threat analysis, or a related role (e.g., SOC, threat hunting, intelligence analysis).
- 3 days per week on site (GTBC FORD MEXICO)
- Proficiency in network and/or host-based intrusion analysis to identify and respond to threats
- Experience in one or more of the following areas: packet analysis, metadata analysis, or log correlation for threat detection
- Familiarity with RCA, Splunk, SOC/NOC, incident experience, risk management.
- Experience working with security telemetry, logs, or threat intelligence platforms to support investigations and decision-making
- Ability to conduct in-depth analysis by correlating data from multiple sources to assess visibility into threat actor activity
- Strong English communication skills to effectively document challenges in event tracking and classification, supporting continuous improvement efforts
- Exceptional analytical and critical thinking skills with a keen attention to detail
- Proven ability to collaborate and work effectively in a globally distributed team environment
Must have
- Experience in event correlation and leveraging security tools for identification & analysis of suspicious behavioral indicators.
- Knowledge of Insider Threat Behavioral Models.
Nice to Have
- Global Counter Insider Threat Professional (GCITP) Certification
- CERT SEI Insider Threat Analyst or Program Manager Certification
- CISSP
- Apply program management, thought leadership, and analysis skills to contribute to insider threat program daily operations and processes
- Manage process and technology improvements related to improving our capability to detect, perform analysis, & respond
- Gather, integrate, review, assess, and respond to information derived from Security, Human Resources, Legal, continuous monitoring, and other information sources to identify potential insider threat concerns
- Prepare and maintain insider threat reports & case files
- Collaborate with colleagues across the organization (Compliance, Special Investigations, Privacy, Legal, IT, Global Security, Cyber Security, HR) to communicate technical information to both technical and nontechnical audiences
- Establish strong working relationships with stakeholders such that plans and requirements are fully understood, and issues are resolved effectively and efficiently
- Develop stakeholder briefings on trend analysis and identify new opportunities for program maturation
- Keep monitoring, triage, & test case processes updated
- Drive organizational change to make Ford a safer and more secure place to work
- Support regional expansion, including assessing new technologies & deployment activities
- Manage supplier/vendor relationships & purchase orders related to the program
- Support future state roadmap and initiatives
- Contribute to other data security projects as required